Latest News

jSQL Injection - Java GUI for Database Injection.


jSQL is an easy-to-use SQL injection tool that enables the user to retrieve database informations from a distant server.


jSQL injection consists of the following features:

  • Get, Post, header, cookie methods
  • Normal, error based, blind, time-based algorithms
  • Automatic best algorithms detection
  • Data retrieving progression
  • Proxy setting
  • Evasion
For now jSQL injection supports MySQL. And it requires the name of the parameter to inject and the distant server URL.

If you want to test drive the jSQL injection, you can save the following PHP code in a script (for example: simulate_get.php, and continue using the URL http://127.0.0.1/simulate_get.php?lib= in the first field of the tool, then click Connect to access the database:






<?php
    mysql_connect
("localhost", "root", "");
    mysql_select_db
("my_own_database");

    $result
= mysql_query("SELECT * FROM my_own_table where my_own_field = {$_GET['lib']}") # time based
   
or die( mysql_error() ); # error based

   
if(mysql_num_rows($result)!==0) echo" true "; # blind

   
while ($row = mysql_fetch_array($result, MYSQL_NUM))
        echo join
(',',$row); # normal
?>

To download, please click on this link.

Cheers!

About The Author

This article is written by Sindhia Javed Junejo. She is one of the core members of RHA team.

No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code